An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS.
History

Mon, 16 Sep 2024 23:15:00 +0000

Type Values Removed Values Added
Title Possible XSS in Admin Interface Possible XSS in Admin Interface

cve-icon MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2022-09-05T06:40:11.053227Z

Updated: 2024-09-16T23:10:38.532Z

Reserved: 2022-08-31T00:00:00

Link: CVE-2022-39049

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-05T07:15:07.980

Modified: 2024-11-21T07:17:27.197

Link: CVE-2022-39049

cve-icon Redhat

No data.